Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Over 40 residents were temporarily displaced following a
Tabula Rasa Energy-operated oil well blowout December 8 in Gaines County,
Texas, that released clouds of toxic fumes containing hydrogen sulfide. – KWES
9 Midland/Odessa

3. December
8, KWES 9 Midland/Odessa – (Texas) Oil well blowout reported in
Gaines County, evacuations in effect. Over 40 residents were evacuated and
temporarily displaced following a Tabula Rasa Energy-operated oil well blowout
December 8 in Gaines County that released clouds of toxic fumes containing
hydrogen sulfide. Authorities are monitoring the air quality and are
investigating the cause of the pressure control failure which led to the
blowout. Source: http://www.newswest9.com/story/30695088/oil-well-blowout-reported-in-gaines-county

• Interstate 10 in Louisiana, was shut down for approximately
12 hours December 8 following a multi-vehicle crash that left 2 drivers
injured. – Baton Rouge Advocate

• The FBI announced December 8 that its current tracking
system which gathers information on violent police encounters in the U.S. will
be replaced by 2017 and will include additional data and near real-time
reporting. – Washington Post

20. December
8, Washington Post – (National) FBI to sharply expand system for tracking fatal
police shootings. The FBI announced December 8 its current tracking system
that gathers information on violent police encounters in the U.S. will be
replaced by 2017 and will include the tracking of incidents in which an officer
causes serious injury or death to civilians, and data collection that is share
with the public in near real-time.

33. December
8, MassLive.com – (Massachusetts) Worcester store conducted more than 22,500
questionable food stamp transactions in $3.6 million SNAP theft. A
convenience store owner was charged December 8 for 1 count of conspiracy to
commit Supplemental Nutritional Assistance Program (SNAP) benefits fraud and 1
count of money laundering and SNAP fraud following allegations that the woman
conducted more than 22,500 transactions of $100 or more within a 4-year span at
her J&W Aseda Plaza store in Massachusetts. The woman stole $3.6 million
from the Federal government and paid individuals 50 cents for every SNAP
dollar. Source:
http://www.masslive.com/news/worcester/index.ssf/2015/12/vida_causeys_worcester_store_c.html

Financial Services Sector

7. December
8, U.S. Attorney’s Office, Eastern District of Pennsylvania – (New
York) New York man charged with bank fraud. A Brooklyn man was charged
in Pennsylvania December 8 on 3 counts of bank fraud for receiving $9.3 million
worth of loans, loan modifications, and loan extensions from Republic First
Bank by submitting fraudulent documents that claimed his $2 million investment
portfolio was worth $26 million to $60 million at different times. Source: https://www.fbi.gov/philadelphia/press-releases/2015/new-york-man-charged-with-bank-fraud

9. December
8, U.S. Securities and Exchange Commission – (North Carolina) SEC
charges ZeekRewards pyramid-Ponzi scheme promoter. The U.S. Securities and
Exchange Commission (SEC) reported December 8 that an individual was charged
December 4 in North Carolina for her role in an $850 million Internet-based
Ponzi and pyramid scheme operated by Rex Venture Group LLC d/b/a
ZeekRewards.com where she solicited investors to participate in the Web site’s
program which offered investors several ways to earn money involving the
purchase of securities that were not registered with the SEC from January 2011
to August 2012. Authorities allege that the woman and other co-conspirators
lured and falsely promised investors a share of the company’s purported
profits. Source: http://www.sec.gov/litigation/litreleases/2015/lr23421.htm

23. December
9, Softpedia – (International) DNS Root servers hit by DDoS attack. Researchers
from RootOps reported that a large-scale denial-of-service (DDoS) attack on the
Internet’s Domain Name System (DNS) root servers caused timeouts for the B, C,
G, and H node servers after 2 attacks blasted up to 5 million queries per
second per DNS root name server. The DDoS attacks did not cause serious damage.
Source: http://news.softpedia.com/news/dns-root-servers-hit-by-ddos-attack-497363.shtml

25. December
9, SecurityWeek – (International) Microsoft patches Windows, Office flaws
exploited in the wild. Microsoft released 12 security bulletins addressing
60 flaws in several of its products including Windows, Internet Explorer, Edge,
.NET, Office, and Skype for Business, among other products, addressing 2
zero-day flaws exploited in the wild that could allow attackers to run
arbitrary code and gain control of the infected system if a victim logs on with
administrative rights. Source: http://www.securityweek.com/microsoft-patches-windows-office-flaws-exploited-wild

26. December
8, SecurityWeek – (International) Critical flaw found in AVG, McAfee, Kaspersky
products. Researchers from enSilo discovered a serious vulnerability in
AVG, McAfee, and Kaspersky security products that allows attackers to bypass
Windows protection protocol and exploit vulnerabilities in third-party
applications to compromise the underlying system in a multi-stage attack. AVG,
McAfee, and Kaspersky patched the flaws in each of their systems. Source: http://www.securityweek.com/critical-flaw-found-avg-mcafee-kaspersky-products

28. December
8, Softpedia – (International) Security flaw fixed in Malwarebytes
antivirus. Malwarebytes Corporation released a patch for its Windows
antivirus software after a researcher from COSIG research & pentesting team
discovered a security vulnerability that can be exploited when a malformed
executable with an invalid integer(-1) in the “SizeOfRawData” in UPX section is
deconstructed by the Malwarebytes antivirus, enabling a memory corruption flaw
that can expose the infected system to an arbitrary code attack. Malwarebytes
stated there was no evidence to suggest the exploit was used in the wild. Source:
http://news.softpedia.com/news/security-flaw-fixed-in-malwarebytes-antivirus-497329.shtml

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"